Intrusion tolerant distributed object systems: project summary

Intrusion prevention mechanisms and technologies cannot always prevent a well-funded and persistent adversary from penetrating information systems. Middleware is one area where a system can provide intrusion tolerance. Distributed object middleware is considered the most general kind of middleware, and the Common Object Request Broker Architecture (CORBA) is a widely adopted standard for distributed object middleware. The goal of our Intrusion Tolerant Distributed Object Systems (ITDOS) framework is to create an architecture for distributed object systems that can provide high reliability for mission-critical information systems by tolerating Byzantine (arbitrary) faults in object servers. CORBA systems are one of the potential middleware architectures that can be supported by the architecture. From a system-level point of view, this architecture provides additional security in the form of a firewall proxy that can monitor Byzantine fault-tolerant multicast (BFTM) messages at the enclave boundary and minimize the impact of certain denial of service (DoS) attacks.